Search Results (Refine Search)
- CPE Product Version: cpe:/h:cisco:unified_computing_system:-
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-4083 |
Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session termination) via long string values for unspecified parameters, aka Bug ID CSCtg20751. Published: September 20, 2013; 12:55:07 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-4074 |
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID CSCte90338. Published: September 20, 2013; 12:55:07 PM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2012-4073 |
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332. Published: September 20, 2013; 12:55:07 PM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2012-4072 |
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327. Published: September 20, 2013; 12:55:03 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-1190 |
The C-Series Rack Server component 1.4 in Cisco Unified Computing System (UCS) does not properly restrict inbound access to ports, which allows remote attackers to cause a denial of service (Integrated Management Controller reboot or hang) via crafted packets, as demonstrated by nmap, aka Bug ID CSCtx19850. Published: August 02, 2013; 8:10:40 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2011-2569 |
Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188. Published: October 27, 2011; 5:55:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |